Predefined Access Policy Implementation Based on Auxiliary Information Embedded in One-Time Authentication Passcodes

ABSTRACT

Techniques are provided for implementing predefined access policies based on auxiliary information embedded in one-time passcode authentication tokens. An exemplary method comprises receiving an authentication passcode generated by a token of a user, wherein the received authentication passcode is derived from a secret seed and based on at least one protocode and embedded auxiliary information; processing the received authentication passcode to extract the embedded auxiliary information from the received authentication passcode, wherein the embedded auxiliary information comprises (i) a silent alarm signal indicating a potential compromise of the token, and (ii) a drifting key signal indicating a current drifting key state of the token, wherein the drifting key signal is processed to detect a cloning of the token; and implementing a predefined access policy (e.g., replace or disable the token of one or more users) based on respective values of the silent alarm signal and the drifting key signal.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation-in-part application of U.S. patent application Ser. No. 14/266,192, filed April, 2014 entitled “Controlling User Access to Protected Resource Based on Outcome of One-Time Passcode Authentication Token and Predefined Access Policy,” which is a continuation-in-part application of U.S. patent application Ser. No. 14/187,248, filed Feb. 22, 2014 (now U.S. Pat. No. 9,432,360) entitled “Security-Aware Split-Server Passcode Verification for One-Time Authentication Tokens,” which is a continuation-in-part application of U.S. patent application Ser. No. 14/144,712, filed Dec. 31, 2013 (now U.S. Pat. No. 9,407,631) entitled “Multi-Server Passcode Verification for One-Time Authentication Tokens with Auxiliary Channel Compatibility,” each incorporated by reference herein.

FIELD

The field relates generally to authentication, and more particularly to single server and multi-server authentication.

BACKGROUND

One-time authentication tokens produce unpredictable one-time passcodes (OTP) typically by extracting pseudorandomness from a secret seed, that is stored at the token and shared with the authentication server. To protect against server-side leakage of the underlying seed, tokens may employ split-server verification protocols (see, e.g., U.S. Pat. No. 7,725,730). In a split-server verification protocol, the underlying authentication secret is split into at least two partial secrets, each one kept by a distinct verification server, so that authentication of a user is performed at these servers in a distributed manner so that certain attacks against one or more servers can be tolerated.

A number of such split-server OTP verification protocols have been proposed. See, for example, U.S. patent application Ser. No. 13/404,737, (now U.S. Pat. No. 9,118,661) entitled “Method and Apparatus for Authenticating a User Using Multi-Server One-Time Passcode Verification;” U.S. patent application Ser. No. 13/795,801, (now U.S. Pat. No. 9,037,858) entitled “Distributed Cryptography Using Distinct Value Sets Each Comprising At Least One Obscured Secret Value;” and U.S. patent application Ser. No. 14/144,707, (now U.S. Pat. No. 9,454,654) entitled “Multi-Server One-Time Passcode Verification of Respective High Order and Low Order Passcode Portions.”

Nonetheless, a need remains for an end-to-end server-side architecture for an OTP authentication system that simultaneously employs split-server verification and one or more of Silent Alarms (See, for example, U.S. patent application Ser. No. 13/404,788, (now U.S. Pat. No. 9,515,989) entitled “Methods and Apparatus for Silent Alarm Channels Using One-Time Passcode Authentication Tokens”) and Drifting Keys (See, for example, U.S. patent application Ser. No. 13/250,225, (now U.S. Pat. No. 8,699,713) entitled “Key Update With Compromise Detection”).

SUMMARY

Illustrative embodiments of the present invention provide techniques for implementing one or more predefined access policies based on auxiliary information embedded in one-time authentication passcodes. In one embodiment, an exemplary method comprises the steps of: receiving an authentication passcode generated by a token associated with a user, wherein the received authentication passcode is derived from a secret seed and based on at least one protocode and embedded auxiliary information; processing the received authentication passcode to extract the embedded auxiliary information from the received authentication passcode, wherein the embedded auxiliary information comprises (i) a silent alarm signal indicating a potential compromise of the token, and (ii) a drifting key signal indicating a current drifting key state of the token that evolves over time, wherein the drifting key signal is processed to detect a cloning of the token using a copy of the secret seed; and implementing a predefined access policy based on respective values of the silent alarm signal and the drifting key signal.

In some embodiments, the predefined access policy monitors actions of the user when the silent alarm signal indicates the potential compromise of the token and the drifting key signal does not indicate the cloning of the token. In at least one embodiment, the predefined access policy replaces or otherwise disables the token when the silent alarm signal indicates the potential compromise of the token and the drifting key signal indicates the cloning of the token.

In an exemplary enterprise-level embodiment, the predefined access policy replaces or otherwise disables a plurality of tokens for users of an enterprise when the silent alarm signal does not indicate the potential compromise of the token and the drifting key signal indicates the cloning of the token for at least some of the plurality of the tokens, for example, based on a minimum number criteria and/or a minimum time criteria. In some embodiments, the predefined access policy increases a server security when the silent alarm signal does not indicate the potential compromise of the token and the drifting key signal indicates the cloning of the token for at least some of a plurality of the tokens for users of an enterprise.

Embodiments of the invention can be implemented in a wide variety of different authentication applications, including, for example, verification of one-time passcodes (OTPs).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an exemplary client-side generation of passcodes by a token;

FIG. 2 illustrates an exemplary split-server passcode verification protocol;

FIG. 3 illustrates an exemplary silent alarm protocol;

FIG. 4 illustrates an exemplary drifting key protocol;

FIG. 5 illustrates exemplary processing of a passcode by a relying party;

FIG. 6 illustrates an exemplary passcode search process;

FIG. 7 illustrates an exemplary state synchronization process;

FIG. 8 illustrates an exemplary auxiliary information processing process;

FIG. 9 illustrates an exemplary final response process for the relying party;

FIG. 10 illustrates an exemplary single server configuration that employs a split module configuraton;

FIG. 11 illustrates an exemplary single server configuration that employs a single module configuraton;

FIG. 12 illustrates an exemplary processing platform that may be used to implement at least a portion of one or more embodiments of the invention comprising a cloud infrastructure; and

FIG. 13 illustrates another exemplary processing platform that may be used to implement at least a portion of one or more embodiments of the invention.

DETAILED DESCRIPTION

Illustrative embodiments of the present invention will be described herein with reference to exemplary communication systems and associated servers, clients and other processing devices. It is to be appreciated, however, that the invention is not restricted to use with the particular illustrative system and device configurations shown. Accordingly, the term “communication system” as used herein is intended to be broadly construed, so as to encompass, for example, systems in which multiple processing devices communicate with one another but not necessarily in a manner characterized by a client-server model.

As will be described, the present invention in one or more illustrative embodiments provides efficient split-server OTP verification protocols that are compatible with the existence of an auxiliary channel that supports one or more of silent alarms and drifting keys. According to one aspect of the invention, a split-server verification protocol is provided where different servers are responsible for verifying different portions (substrings) of the submitted passcode. According to another aspect of the invention, at least one of the servers and the relying party extract embedded auxiliary information from a presented passcode that comprises one or more of a silent alarm and a drifting key.

One-Time Authentication

One-time authentication tokens produce a series of unpredictable one-time passcodes (OTPs) as second authentication factors for the authentication of users to remote servers. Passcodes are typically generated on a regular time basis, i.e., in specified time intervals often called epochs (e.g., the SecurID™ token produces a new OTP every one minute). Passcodes are derived by using some secret state, called a seed, that is stored at the token and also shared with the server. Tokens can either be based on software or hardware. Software tokens produce passcodes on-demand, whenever the token's application is launched in the host device, where a series of passcodes is generated for the epochs following the launching of the application. Hardware tokens produce passcodes on a permanent basis, one passcode per epoch, for the entire lifetime of their battery (e.g., for five years from the time of manufacture). Overall, such tokens produce a time-based series of unpredictable OTPs by extracting pseudorandom bits from their seed which are converted to passcodes.

There are three main steps in the functionality of exemplary one-time authentication tokens:

1. A passcode P_(t′) is produced in time epoch t′ through a one-way cryptographic function f applied on the current epoch t′, and the seed σ of the token. Software tokens specify their current epoch based on the host's device current time, whereas hardware tokens specify their epoch implicitly using a counter.

2. A passcode P_(t′) may then be transmitted to an authentication server to authenticate a user to the server. The transmission of the passcode P_(t′) to the server may happen either by typing performed by the user or automatically by a software token that is directly communicating to the server through a communication channel offered by the host device.

3. On receiving a candidate passcode P_(t′), the server verifies this passcode by contrasting it against the passcode P_(t) that is locally computed by the server, accepting the passcode if and only if p_(t′)=P_(t). If the passcode is not accepted the user is not authenticated; otherwise, the user is authenticated if and only if a user's corresponding PIN is correct. Passcode P_(t) is computed by the server by applying the same function f on the current epoch t′ specified by the server's current time and the seed σ of the token stored at the server. To tolerate small discrepancies between the current time of the software (or hardware) token and the current time of the server, P_(t′) is also contrasted against other 2s passcodes that are defined by epochs that are neighboring epochs to the server's epoch t, that is, to passcodes {P_(t−s), . . . , P_(t−1), P_(t), P_(t+1), . . . , P_(t+s)}.

Future passcodes remain unpredictable even if an attacker has observed an arbitrarily long history of passcodes produced in the past, because passcodes are produced by applying a one way function f on the token's seed, as long as the seed remains secret. Thus, future passcodes are protected against leakage to an attacker.

Protections Against Seed Leakage

Accordingly, the security of any one-time authentication token is impaired if an attacker gets access to the secret seed of the token: Using the seed, the attacker can clone the token. In turn, the attacker can increase its chances for impersonating the corresponding user, by either performing a brute-force attack on the user's PIN or by launching a more sophisticated man-in-the-middle attack for harvesting the user's PIN. In reality, the fact that the security of the token is based on a secret seed will motivate the attacker to go after this secret seed by following one of the following three attack patterns:

1. Server Compromise: The attacker may compromise the authentication server and get the secret seed of the tokens of one or more users. The attacker may compromise the server ephemerally by instantly stealing the seed(s), or permanently by remaining in control of the server for a period of time.

2. Token Tampering or Compromise: The attacker may compromise the token and get its secret seed by performing a direct attack against the host device of a software token or by physically tampering with a hardware token to directly read its seed.

3. Seed-Record Capturing: The attacker may get the secret seed of the token indirectly by attacking a storage or communication unit used to store or transfer the token's seed, or through side-channel attacks performed against the token or the server.

Although conventional one-time authentication tokens are vulnerable to all such seed-leakage attacks, a general solution has been recently proposed in U.S. patent application Ser. No. 13/837,259, (now U.S. Pat. No. 9,270,655) entitled “Configurable One-Time Authentication Tokens with Improved Resilience to Attacks,” that involves the design of a configurable one-time authentication token which is equipped with several intrusion-detection, intrusion-resilience, tamper-resistance and token-visibility technologies that protect against the above attacks. The exemplary design optionally employs one or more of the following exemplary tamper-resistance and token-visibility techniques, as described in:

U.S. patent application Ser. No. 13/826,993, (now U.S. Pat. No. 9,654,467) entitled “Time Synchronization Solutions for Forward-Secure One-Time Authentication Tokens;”

U.S. patent application Ser. No. 13/828,588, entitled “Randomizing State Transitions for One-Time Authentication Tokens;”

U.S. patent application Ser. No. 13/826,924, (now U.S. Pat. No. 9,225,717) entitled “Event-Based Data-Signing Via Time-Based One-Time Authentication Passcodes;”

U.S. patent application Ser. No. 13/250,225, (now U.S. Pat. No. 8,699,713) entitled “Key Update With Compromise Detection;”

U.S. patent application Ser. No. 13/728,271, (now U.S. Pat. No. 9,083,515) entitled “Forward Secure Pseudorandom Number Generation Resilient to Forward Clock Attacks;”

U.S. patent application Ser. No. 13/404,780, (now U.S. Pat. No. 8,984,609) entitled “Method and Apparatus for Embedding Auxiliary Information in One-Time Passcodes;”

U.S. patent application Ser. No. 13/404,788, (now U.S. Pat. No. 9,515,989) entitled “Methods and Apparatus for Silent Alarm Channels Using One-Time Passcode Authentication Tokens;”

U.S. patent application Ser. No. 13/334,709, (now U.S. Pat. No. 9,008,303) entitled “Methods and Apparatus for Generating Forward Secure Pseudorandom Numbers;” and

U.S. patent application Ser. No. 13/404,737, (now U.S. Pat. No. 9,118,661) entitled “Method and Apparatus for Authenticating a User Using Multi-Server One-Time Passcode Verification.”

Each of the above-referenced patent applications are incorporated by reference herein. The exemplary design also employs one or more of the following exemplary intrusion-detection, and instruction-resilience techniques. For a discussion of exemplary split-server passcode verification techniques, see, for example, U.S. patent application Ser. No. 13/404,737, (now U.S. Pat. No. 9,118,661) entitled “Method and Apparatus for Authenticating a User Using Multi-Server One-Time Passcode Verification;” U.S. patent application Ser. No. 13/795,801, (now U.S. Pat. No. 9,037,858) entitled “Distributed Cryptography Using Distinct Value Sets Each Comprising At Least One Obscured Secret Value;” and U.S. patent application Ser. No. 14/144,707, (now U.S. Pat. No. 9,454,654) entitled “Multi-Server One-Time Passcode Verification of Respective High Order and Low Order Passcode Portions,” each incorporated by reference herein.

For a discussion of exemplary silent alarm techniques, see, for example, U.S. patent application Ser. No. 13/404,788, (now U.S. Pat. No. 9,515,989) entitled “Methods and Apparatus for Silent Alarm Channels Using One-Time Passcode Authentication Tokens” incorporated by reference herein. For a discussion of exemplary Drifting Keys techniques, see, for example, U.S. patent application Ser. No. 13/250,225, (now U.S. Pat. No. 8,699,713) entitled “Key Update With Compromise Detection,” incorporated by reference herein. Silent alarms and drifting keys further employ the use of an auxiliary channel. See, for example, U.S. patent application Ser. No. 13/404,780, (now U.S. Pat. No. 8,984,609), entitled “Method and Apparatus for Embedding Auxiliary Information in One-Time Passcodes,” incorporated by reference herein.

Extensions of the exemplary split-server passcode verification protocols are disclosed herein that are compatible with the use of an auxiliary channel. See, for example, U.S. patent application Ser. No. 14/144,712, filed Dec. 31, 2013 (now U.S. Pat. No. 9,407,631) entitled “Multi-Server Passcode Verification for One-Time Authentication Tokens with Auxiliary Channel Compatibility,” incorporated by reference herein.

1. Split-Server Passcode Verification: This technique involves dispersing the task of verifying a candidate passcode (provided by a user or token) among two or more verification servers so that each such participating server S_(i) stores only a partial secret state σ_(i). Then, verification is securely implemented in a distributed manner so that leakage of one or more, but up to a specified threshold, partial secret states does not compromise the security of the token.

Typically, the seed is split into two pieces, often called the red and the blue partial seeds, stored separately by the red server and the blue server. Upon receiving a candidate passcode P_(t′), the two servers interact through a secure protocol to jointly compute the passcode P_(t) against which the candidate passcode is contrasted, and accordingly P_(t′) is rejected if any of the two servers outputs “reject.” This decision is typically made by a so-called relying party (RP) server that is stateless and responsible for the final decision about the acceptance of P_(t′) based on the individual outputs of the red and the blue servers.

The additional feature of proactivization can be used according to which the partial states of the (e.g., two) servers evolve over time and where the servers periodically exchange secure descriptions (e.g., hashes) of their partial secret states, which are then used to create their new partial secret states.

2. Silent Alarms: This technique detects token compromise and eventually prevents certain impersonation attempts by an attacker. The token stores a secret silent alarm state SA that changes to a new state SA′ once the token senses/detects a suspicious activity that indicates possible token compromise; this change serves as an alert flag. This change is performed in a forward-secure and stealthy manner. Even after the complete token compromise by an attacker, the new state SA′ alone is not indicative of whether or not any alert flag has been raised (thus, the alert serves as a silent alarm) and the new state cannot be reverted to the old state (thus, the alarm cannot be shut off).

Using an auxiliary channel, the silent alarm state can be embedded into the passcodes produced by the token, and thus passed to the authentication server. By decoding and reading these states, the authentication server, in turn, can eventually learn about one or more raised alert flags and then appropriately handle the current authentication attempt by the user. Successful decoding of an embedded alert flag is a probabilistic event that happens with some positive probability. The alert flag will be eventually received in one of the next few transmitted passcodes. False negatives exist, but no false positives (other than with negligible probability). A received alert flag always indicates a suspicious (according to some alerting policy) event that happens at the token.

3. Drifting Keys: This technique detects token cloning and eventually prevents certain impersonation attempts by an attacker. The token stores a drifting key state DK that changes over time randomly. This random state change corresponds to a unique fingerprint of the token, which evolves over time at some low rate (e.g., a few new random bits are added to the state every week). These small changes in the token's drifting-key fingerprint are then embedded into the produced passcodes, and thus passed to the server. Thus, assuming some frequent enough usage of the token by the user, the server gradually learns (partially or completely) the token's fingerprint.

Because this randomly evolving fingerprint is unique over the lifetime of the token, if a cloned token starts reporting cloned drifting-key updates to the server, these will not match the drifting key updates reported by the original, cloned, token. Thus, as long as the original token and the cloned one are being used during some long enough time window by the legitimate user and the attacker respectively, with overwhelming probability the server will notice an inconsistency in the received fingerprint (even if the server only has partial knowledge of it). The server may not be able to distinguish the cloned token from the original one, but it will be alerted that a possible cloning attack has been performed and will react to this—according to a certain policy.

Again, successful decoding of an embedded DK update is a probabilistic event happening with some positive probability. Fingerprint updates will be eventually received in one of the next few transmitted passcodes. False negatives exist, but no false positives (other than with negligible probability). A received inconsistent drifting-key update always indicates a cloning attack against the token.

It is noted that all of the above three security mechanisms (as well as the underlying auxiliary channel) require the use of pseudorandomness, in particular, of a forward-secure pseudorandom number generator (FS-PRNG), e.g., as described in U.S. patent application Ser. No. 13/334,709, (now U.S. Pat. No. 9,008,303) entitled “Methods and Apparatus for Generating Forward Secure Pseudorandom Numbers.” Forward security can be applied to management of the internal state of one-time authentication tokens. Instead of using a fixed global secret state, e.g., a seed, for the entire lifetime of the token, the secret state can evolve over time in a one-way cryptographic manner so that older states cannot be computed from newer states (e.g., new seeds may be computed using a one-way hash chain). By using elaborate hierarchical hashing schemes, it is possible to improve the server-side performance with respect to management of time-evolving seeds.

However, supporting simultaneously the use of all these three security mechanisms in an end-to-end integrated design of the server-side functionality of an OTP authentication token is not a trivial task. Typically, existing schemes, such as those referred to above as split-server authentication, silent alarm and drifting key schemes, implement only one of these mechanisms. Therefore, as noted above, there exists a need for designing a server-side architecture of an OTP authentication token that employs split-server authentication and simultaneously allows for one or more of silent alarms and drifting keys.

Server-Side Architecture

As noted above, one aspect of the invention provides an architectural design for the server-side operation of an OTP authentication token that fully supports split-server passcode verification, silent alarms and drifting keys. A corresponding client-side token design is assumed that supports all three of these mechanisms, for instance, the design of U.S. patent application Ser. No. 13/837,259, (now U.S. Pat. No. 9,270,655) entitled “Configurable One-Time Authentication Tokens with Improved Resilience to Attacks.” In particular, the exemplary embodiment is based on the use of two FS-PRNGs, one called red or G_(r) and one called blue or G_(b), in support of the split-server passcode verification functionality.

The exemplary embodiment described herein support all three of the above security mechanisms, but the disclosed architecture can be simplified to support only one of the silent alarms or drifting keys mechanisms, as would be apparent to a person of ordinary skill in the art.

An asymmetric configuration is assumed, as the one used in U.S. patent application Ser. No. 13/837,259, (now U.S. Pat. No. 9,270,655) where the pseudorandomness required for supporting silent alarms, drifting keys and the underlying auxiliary channel is provided by only one of two FS-PRNGs in use, without loss of generality by the blue FS-PRNG G_(b). Such an asymmetric configuration makes sense, as silent alarms and drifting keys (along with their underlying auxiliary channel) do not individually require any distributed-crypto or split-state technical considerations. However, simple extensions of the exemplary architectural design are presented where the silent alarms and/or drifting keys makes use of pseudorandomness that is derived by a different FS-PRNG (say the red one G_(r)) than the one employed by the underlying auxiliary channel (say the blue one G_(b)).

FIG. 1 illustrates an exemplary client-side generation of passcodes by a token 100. As shown in FIG. 1, the exemplary token 100 comprises a red and a blue FS-PRNG, G_(r) and G_(b), respectively, that produce protocodes P_(R,t) and P_(B,t), respectively, for each epoch t. Additionally, in the exemplary embodiment, the blue FS-PRNG G_(b) produces pseudorandom information that is used for the auxiliary channel (AC), drifting keys (DK) and silent alarm (SA), which, in turn, is optionally used by the auxiliary channel 110 to embed additional information into the two produced protocodes, finally producing the transmitted passcode P_(t).

Generally, R_(T,c) ^(t) denotes the pseudorandomness derived by FS-PRNG G_(c), c∈{b, r}; (in server B or R) for epoch t and that is used in security mechanism T, T∈{AC,SA,DK}, where AC, SA and DK stand respectively from “auxiliary channel,” “silent alarms” and “drifting keys.”

The final exemplary passcode P_(t) is computed using digit-wise modulo 10 addition of values P_(R,t), P_(B,t), and c_(t), denoted here using operator ⊕ as P_(R,t)⊕P_(B,t)⊕c_(t). In this manner, the final exemplary passcode P_(t) optionally embeds the auxiliary information, such as a silent alarm and/or a drifting key. Thus, the final exemplary passcode P_(t) can be referred to as an auxiliary-information enriched passcode.

To achieve generality in the disclosed server-side architectural design for OTP authentication tokens, first consider the following abstract descriptions of the three exemplary security mechanisms:

1. A split-server passcode verification protocol, shown in FIG. 2, (or simply split verification protocol) Π_(SV), as in U.S. patent application Ser. No. 13/404,737, (now U.S. Pat. No. 9,118,661) entitled “Method and Apparatus for Authenticating a User Using Multi-Server One-Time Passcode Verification;” U.S. patent application Ser. No. 13/795,801, (now U.S. Pat. No. 9,037,858) entitled “Distributed Cryptography Using Distinct Value Sets Each Comprising At Least One Obscured Secret Value;” and U.S. patent application Ser. No. 14/144,707, (now U.S. Pat. No. 9,454,654) entitled “Multi-Server One-Time Passcode Verification of Respective High Order and Low Order Passcode Portions,” is an interactive protocol run by the red server R and the blue server B where given as external input a candidate passcode P′ and a time epoch t, it involves the following operations. As shown in FIG. 2, the exemplary split-server passcode verification process 200 is initiated during step 210 when an auxiliary-information enriched candidate passcode P′ is presented to a relying party RP.

-   -   (a) Using as additional local input the protocode P_(B,t) and         pseudorandomness R_(AC,b) ^(t), server B computes (intermediate)         message m_(B,t);     -   (b) Using as additional local input the protocode P_(R,t) (and         possibly pseudorandomness R_(AC,r) ^(t), as in U.S. patent         application Ser. No. 13/404,737, (now U.S. Pat. No. 9,118,661)         entitled “Method and Apparatus for Authenticating a User Using         Multi-Server One-Time Passcode Verification.”), server R         computes (intermediate) message m_(R,t);     -   (c) Servers B and R exchange messages m_(B,t) and m_(R,t) during         step 220 (possibly in multiple stateful interactions, e.g., when         commitments are used as in U.S. patent application Ser. No.         13/404,737; now U.S. Pat. No. 9,118,661);     -   (d) Servers B and R perform a final local computation and each         outputs (final) message M_(B,t) and respectively M_(R,t);     -   (e) There exists a verification procedure Check_(SV) which on         input messages M_(B,t) and M_(R,t) outputs an auxiliary message         aux and a boolean value accept or reject, written as (aux,         {accept, reject}←Check_(SV)(M_(B,t), M_(R,t)).

For the above execution of protocol Π_(SV),

(M _(B,t) , M _(R,t))←Π_(SV)(t, P′).

Example instantiation of Π_(SV): A possible instantiation of the above abstract protocol may be implemented according to U.S. patent application Ser. No. 14/144,712, filed Dec. 31, 2013 (now U.S. Pat. No. 9,407,631) entitled “Multi-Server Passcode Verification for One-Time Authentication Tokens with Auxiliary Channel Compatibility,” as follows. For a matrix A consisting of k rows of t-bit vectors, let Ā denote the high-order, left or most-significant half of the matrix consisting of k rows of └t/2┘ bits; and let A denote the low-order, right or least-significant half of the matrix A consisting of k rows of ┌t/2┐ bits. For instance, if A is [1234,5678], then Ā=[12,56] and A=[34,78]. Then, server B uses pseudorandomness R_(AC,b) ^(t) and a binary codebook B to compute a digital codebook C_(t)=C _(t) C _(t), and sets m_(B,t)={C _(t), P _(B,t)}. Server R sets m_(R,t)=P _(R,t). Then, server B sets Ī_(t) to Ø, computes d _(t)=P′!P _(R,t)!P _(B,t), where ! may denote the digit-wise modulo 10 subtraction operation, and for each c _(j)∈C _(t), 1≤j≤2^(k), it checks if c _(j)=d _(t) and if yes, then it sets Ī_(t)←Ī_(t)∪j; finally B sets M_(B,t)=Ī_(t). Analogously, R sets I _(t) to Ø, computes d _(t)=P′!P _(R,t)!P _(B,t), and for each c_(j) ∈C _(t), 1≤j≤2^(k), it checks if c _(j)=d _(t) and if yes, then it sets I _(t)←I _(t)∪j; finally R sets M_(R,t)=I _(t). Moreover, given Ī_(t) and I _(t), the verification procedure Check_(SV) outputs mathsfaccept if and only if Ī_(t)∩I _(t)≠Ø, in which case it sets aux=Ī_(t)∩I _(t). Otherwise, it outputs (⊥, reject).

2. A silent alarm protocol Π_(SA), as in U.S. patent application Ser. No. 13/404,788, (now U.S. Pat. No. 9,515,989) entitled “Methods and Apparatus for Silent Alarm Channels Using One-Time Passcode Authentication Tokens,” is a stateful protocol run by a server where given as external input a hash tag h′ and a time epoch t, it involves the following operations:

(a) The server maintains state SA;

(b) Using as additional local input state SA and pseudorandomness R_(SA,c) ^(t), c∈{b,r}, the server computes a hash tag h; written as h←HashTag (SA,R_(SA,c) ^(t));

(c) There exists a verification procedure Check_(SA) which on input hash tags h, h′ and possibly pseudorandomness R_(SA,c) ^(t) and state SA, it outputs safe or alert and possibly updates state SA to SA′; ({⊥SA′}, {safe, alert})←Check_(SA)(h,h′,SA, R_(SA,c) ^(t)).

Example instantiation of Π_(SA): FIG. 3 illustrates an exemplary instantiation 300 of the silent alarm protocol Π_(SA) according to U.S. patent application Ser. No. 13/404,788 (now U.S. Pat. No. 9,515,989), as follows. State SA is seen as an m-bit binary string for some parameter m. Procedure HashTag (SA,R_(SA,c) ^(t)) extracts a current (for epoch t) pseudorandom mask x_(t) such that |x_(t)|=|SA| and returns the dot product of x_(t)·SA. Also, procedure Check_(SA)(h, h′, SA, R_(SA,c) ^(t)) returns alert if and only if h≠h′, in which case SA′ may be set to the next pseudorandom value according to a hash chain defined by R_(SA,c) ^(t) such that h′=HashTag(SA′,R_(SA,c) ^(t)) where the underlying pseudorandom mask used in the computation is x_(t). Otherwise, it outputs (SA, safe) or (⊥, safe) depending on whether the SA state is to be updated.

3. A drifting key protocol Π_(DK), as in U.S. patent application Ser. No. 13/250,225, entitled “Key Update With Compromise Detection”, is a stateful protocol run by a server where given as external input an update string upd′ and a time epoch t, it involves the following operations:

(a) The server maintains state DK;

(b) Using as additional local input state DK and pseudorandomness R_(DK,c) ^(t), c∈{b,r}, the server computes an update tag upd; upd←UpdTag (DK, R_(DK,c) ^(t));

(c) There exists a verification procedure Check_(DK) which on input the update tags upd and upd′ and possibly pseudorandomness R_(DK,c) ^(t) and state DK outputs consistent or inconsistent and possibly updates state DK to DK′; ({⊥, DK′}, {consistent, inconsistent})←Check_(DK) (upd,upd′,DK,R_(DK,c) ^(t)).

Example instantiation of Π_(DK): FIG. 4 illustrates an exemplary instantiation 400 of the drifting key protocol Π_(DK) according to U.S. patent application Ser. No. 13/250,225, as follows. State DK is seen as a binary string of size l_(t) that increases over time, augmented to label some bits in this string as “unknown.” Procedure UpdTag(DK,R_(DK,c) ^(t)) extracts a current set X_(t) (for epoch t) of pseudorandom masks {x_(1,t), . . . , x_(k,t)}, such that k≤l_(t) is the total number of previously successful authentications by the user and |x_(j,t)| equals the drifting-key state size n of the token (a scheme parameter), and returns (as the update tag upd) k dot products (bits) of the form x_(j,t)·DK_(j), where DK_(j) is an appropriate n-bit sub string of DK corresponding to the epoch of the j-th previously successful authentication by the user. Given the possible unknown bits in DK, the dot products x_(j,t)·DK_(j), 1≤j≤k, along with tag upd define a set E_(t) of k binary equations. Then, procedure Check_(DK) (upd, upd′, DK,R_(DK,c) ^(t)) returns inconsistent if and only if the set of binary equations E_(t)∪{upd′=x_(t)·DK_(t)} is infeasible, where mask x_(t) is extracted from R_(DK,c) ^(t) corresponding to current epoch t and DK_(t) is a new n-bit string (possibly overlapping with of DK, but definitely including some unknown bit values) corresponding to current epoch t. In this case DK′ may be set to the binary string corresponding to the new system of equations expressed by E_(t)∪{upd′=x_(t)·DK_(t)}. Otherwise, it outputs (DK′, consistent).

Exemplary Design

In one exemplary design, both the silent alarms and the drifting keys mechanisms are controlled by one of the two servers, the red server or the blue server—without loss of generality by the blue server B.

1. The relying party RP is responsible for handling the authentication request by a user and making the final accept/reject decision on this authentication attempt;

2. Along with split verification, server B is responsible for maintaining and managing the silent alarm and drifting keys states of the system;

3. Server R is solely responsible for split verification.

The following multi-server protocol interaction takes place over the above architecture, where s denotes the appropriate slack parameter used to define the length of the exact search window W used by the server-side protocol:

1. User's Passcode Transcription. A user u_(i) submits an OTP passcode P′ to the high-level application APP;

2. Relying Party's Passcode Processing. As shown in FIG. 5, the relying party RP receives from a high-level application APP a pair (u_(i), P′), where u_(i) is the user performing the authentication attempt and P′ the corresponding one-time passcode and performs the following processing:

(a) Initialization: FIG. 5 illustrates an exemplary initialization process 500. Initially, during step 510, the relying party RP sets A←Ø and ans_(OTP)←REJECT, and forwards (u_(i),P′,t,ACK_(t),d) to the two servers B and R, where t is the reference time epoch to which the authentication attempt made by the user corresponds, ACK_(t)=1 is an acknowledgement message controlling the search procedure (e.g., enforcing it to non-exhaustively terminate), and d is a specific traversal ordering of the time epochs that belong in the search window W.

(b) Passcode Search: FIG. 6 illustrates an exemplary passcode search process 600. During step 610, for each time epoch t in search window W that is retrieved by B and R, or optionally only by RP, (without repetition) according to traversal ordering d and optionally as long ACK=1, where ACK is the most recent ACK_(t) sent by RP:

i. Servers B and R run the split-server passcode verification protocol Π_(SV) during step 620, each time returning back to server RP the outputs (M_(R,t), M_(B,t), t), where (M_(R,t), M_(B,t), t)←Π_(SV)(t,P′);

ii. Then, during step 630, the server RP sets (a₁, a₂)←Check_(SV) (M_(R,t), M_(B,t), t) and if a₂=accept then it adds (a₁, t) in A, i.e., A←A∪{a₁,t}.

iii. The server RP optionally sends back to servers B and R a message (t,ACK_(t)) during step 640, where t is the next time epoch to be checked for verification, which is in turn selected by RP (without repetition) using the traversal ordering imposed by d over the time epochs that belong in the search window W, and ACK_(t)∈{0,1} being a flag optionally denoting an early termination of the search.

(c) State Synchronization: FIG. 7 illustrates an exemplary state synchronization process 700. After the passcode search is complete, the two red and blue servers synchronize their state, according to the auxiliary information that has been embedded in the passcode and possibly extracted by the relying party RP as well as the corresponding time epoch during which a successful search was performed:

i. The server RP sends servers B and R a final response r during step 710, where r is computed by processing set A as follows:

A. If A=Ø, then RP sets r=(⊥, ⊥);

B. If A ≠Ø, then RP selects an element a*=(aux*,t*) in A according to an election policy E and sets r=a* and ans_(OTP)=ACCEPT.

ii. If r≠(⊥, ⊥), then the red server R updates it local last successful epoch during step 720 to t*=r(2) (the second component of r).

iii. If r≠(⊥, ⊥), then the blue server B updates it local last successful epoch during step 720 to t*=r(2) (the second component of r).

(d) Auxiliary Information Processing: FIG. 8 illustrates an exemplary auxiliary information processing process 800. As shown in FIG. 8, the blue server B performs the following processing of the auxiliary information r=a*=(aux*, t*) received during step 810:

i. Silent Alarm Check: During step 820, Server B sets h′=aux_(SA)*, where aux_(SA)* is the silent-alarms portion of the auxiliary information (bit-string) aux* and using pseudorandomness R_(SA,b) ^(t)*, it first computes hash tag h←HashTag(SA, R_(SA,b) ^(t)*) on the current silent alarm state SA and then checks for an alert by running (SA′,result_(SA))←Check_(SA)(h, h′,SA,R_(SA,b) ^(t)*).

ii. Drifting Keys Check: During step 830, Server B sets upd′=aux_(DK)*, where aux_(DK)* is the drifting-keys portion of the auxiliary information (bit-string) aux* and using pseudorandomness R_(DK,b) ^(t)*, it first computes update tag upd←UpdTag(DK,R_(DK,b) ^(t)*) on the current drifting keys state DK and then checks for an inconsistency by running (DK′, result_(DK))←Check_(DK)(upd,upd′, DK,R_(DK,b) ^(t)*).

iii. Final Status Response: During step 840, server B returns to server RP the final response r′=(f(SA, SA′), result_(SA), result_(DK)), where f is a distance function over SA and SA′ states and f (SA, SA′)=⊥ if SA′ is ⊥, and result_(SA)=result_(DK)=⊥ if r=(⊥, ⊥).

3. Relying Party's Final Response. FIG. 9 illustrates an exemplary RP final response process 900. As shown in FIG. 9, the server RP produces and returns to the high-level application APP the final answer by processing the final status response r′=(r₁, r₂, r₃) received by server B, as follows:

(a) If r₂=alert then ans_(SA)←REJECT_(SA,i) (where i possibly depends on r₁, if r₁≠⊥), else ans_(SA)←ACCEPT_(SA);

(b) If r₃=inconsistent then ans_(DK)←REJECT_(DK), else ans_(DK)←ACCEPT_(DK);

(c) The server RP finally sets

answer=(ans_(OTP), ans_(SA), ans_(DK)).

As described, the exemplary protocol exhibits a natural trade off between communication and computation with respect to the concrete implementation of the passcode-search process of step 2.b. The relying party RP can either run the verification protocol Π_(SV) as a subroutine, by communicating to servers B and R the next time epoch t that the verification needs to run on, or RP can completely outsource to servers B and R the complete passcode-search process, by communicating to them only the initial reference time epoch and receiving in batch the evaluations of protocol Π_(SV) on every time epoch in the search window. Moreover:

(a) Depending on the configuration of the passcode-search process, the computation of the next time on which epoch protocol Π_(SV) should run can be performed by RP or by both B and R. In any case, this computation can be controlled by the traversal ordering parameter d.

(b) Depending on the configuration of the passcode-search process, the termination condition of this process may be specified implicitly by exhaustively searching in the search window or explicitly by an acknowledgement message sent in each iteration by the relying party RP. Alternatively, a “kill” signal can be sent by RP to terminate the search process. These “ack” or “kill” signals are decided by RP based on whether or not a successful passcode has been found in the search window as well as the specified false positive or false negative authentication parameters of the system.

Depending on the specified false positive or false negative authentication parameters of the system, the election policy E controls the way collisions (which happen with negligible probability) may be handled by RP.

The exemplary final outcome format contains three pieces: ans_(OTP) is the acceptance outcome with respect to the validity of the submitted passcode; ans_(SA) is the acceptance outcome with respect to a possible cloning attack against the token; and ans_(DK) is the acceptance outcome with respect to a possible seed-leakage attack against the OTP authentication system. The exact way with which the high-level application APP consumes the final authentication outcome answer is outside the scope of this invention. The exact way with which the high-level application APP can consume the final authentication outcome answer is described in the last section of this invention.

Alternative Design

In an exemplary alternative design, the silent-alarm state and drifting-keys state SA and DK, respectively, are stored and managed by the relying party RP, instead of being managed by the blue server B. This alternative configuration can have some important practical advantages in certain implementations of the disclosed split-server authentication system as it allows for more flexibility in managing the split-server authentication system (e.g., in implementing efficient recovery strategies).

Accordingly, the alternative design entails having server B communicating back to RP in the state synchronization step (c) the pseudorandomness R_(SA,b) ^(t)* and the pseudorandomness R_(DK,b) ^(t)*, which are required in the computations of the auxiliary information processing step (d), and also having this step (d) run entirely by server RP.

Flexibility in Configurations

The silent alarms and drifting keys mechanisms are independent of one another. Thus, the silent alarms and/or drifting keys mechanisms can be added to or removed from any of the disclosed server-side system architectures (in particular, both the architecture of the first exemplary design and the architecture of the alternative design presented above) without any complications, in particular, even without any token-side design change in the case where a security mechanism is removed from the system architecture. For instance, in the first exemplary design described above, one of the two security mechanisms of silent alarms or drifting keys can be removed from the end system architecture by not storing the corresponding SA or DK state and not executing the corresponding procedures HashTag and Check_(SA) or UpdTag and Check_(DK) respectively, during the auxiliary information processing phase, thus not reporting in the final response phase any acceptance or rejection final state corresponding to the removed security mechanism.

Also, in both the first exemplary design and the alternative design described above, silent alarms and drifting keys, when supported, can be configured to be handled by any of the three parties, namely the red server R or the blue server B or the relying party RP, and independently of which server (the blue, the red or the replaying party) is responsible for handling the auxiliary-information channel. For instance, assuming that the client-side design is configured to provide pseudorandomness for silent alarms that is derived by the red forward-secure pseudorandom generator G_(r), the silent alarm state can be handled (stored and processed) by the red server, and not by the blue server (as in the first exemplary design) or the relying party (as in the alternative design). In such a case, it is straightforward to appropriately adapt the protocols above to support any new configuration.

Single-Server Configuration

The full architectural design and implementation framework of the exemplary embodiments of the current invention assume the existence of two servers in the OTP authentication system, e.g., blue and red servers. In practice, many installations may have only a single server available. Implementing the security-aware split-server passcode verification techniques of the current invention on a single server may reduce the incremental security provided by the existence of two servers, but also allows for some efficiency improvements over an implementation based on two servers.

In general, using a single server has no real impact on the implementation or security of both silent alarms and drifting keys. One difference is with respect to the way passcodes are being verified. For instance, in some instantiations of the split-server passcode verification protocol, the full codeword (corresponding to an auxiliary channel) is computed and subtracted from the received passcode to obtain the protocode to be verified. That is, in this case, the exchange of partial codewords, as would be required by the full corresponding split-server passcode verification protocol, is not needed. However, depending on the exact single-server implementation, the security related to split-server passcode verification may lose a part of its security value. Indeed, in a single-server environment, both the red and blue protocodes are computed by the single server, and then combined to create the final protocode. It is noted that the seeds corresponding to the red and blue server can generally be maintained separately and the corresponding passcode-generation computations via the extraction of pseudorandomness can be done independently. This allows the possibility of migration from a single-server environment to a two-server configuration, should an additional server become available in the OTP authentication system in the future.

In particular, single-server configurations are also possible to support one or two of the silent alarms and drifting keys security mechanisms as described in the main or alternative designs presented above. Indeed, it is possible to configure an architecture where there is only one server and the relying party interacting in the passcode verification protocol by appropriately changing the procedures for implementing passcode search and passcode verification so that they are hosted at one physical machine. Two different exemplary schemes are distinguished to implement such a single-server configuration:

FIG. 10 illustrates an exemplary single server configuration 1000 that employs a split module configuraton. The relying party RP and various exchanged values in FIG. 10 operate in a similar manner to FIG. 2. As shown in FIG. 10, however, the separate functionalities of the red and blue servers are preserved but they are now implemented as distinct software modules R and B coexisting in the same machine 1010, e.g., corresponding to two distinct processes running on the same physical or virtual execution environment. In other words, the token-side design supports the use of the red and blue forward-secure pseudorandom generators as discussed above, but now the server-side component of the OTP system does not employ these distinct portions as modules hosted by different machines/entities; instead these modules operate as before but are hosted by the same machine 1010. Alternatively, this configuration can be supported by only one software module that simultaneously handles the red and blue functionalities, i.e., one process that maintains both the red and the blue pseudorandomness secret states.

FIG. 11 illustrates an exemplary single server configuration 1100 that employs a single module configuraton. As shown in FIG. 11, the red and blue portions of the OTP functionality are not supported by the token-side or by the server-side designs. Instead, there is only one forward-secure pseudorandom number generator that is employed, that is, one source of pseudorandomness used for the auxiliary channel and the silent alarms or the drifting keys security mechanisms. The separate functionalities of the red and blue servers are implemented by a single verification server 1110 that compares the presented passcode P′ to a computed passcode P_(t). It is straightforward to implement a passcode search and verification procedure that employs one such pseudorandom source: The server-side module searches in the search window to produce a passcode P_(t) that matches the candidate passcode P′ and produces valid auxiliary information (that is verified through the auxiliary channel functionality) which is, in turn, used by one or more of the two security mechanisms considered herein.

In the configurations of FIGS. 10 and 11, the silent-alarm and/or drifting key security mechanisms can be handled by either the server (and one of its two modules in the split-module configuration) or by the relying party, as described above.

Passcode Acceptance Policies

As explained above, the security features of silent alarms and drifting keys allow the authentication server(s) or the relying party to detect anomalous events that may, for instance, indicate either a physical compromise of the server or the compromise of the token's secret seed value.

Once such an anomalous event is detected, the server(s) or the relying party must determine how to respond especially in connection to the calling high-level application that consumes the authentication decision made by the OTP authentication system. The possible range of responses are determined both by the type of event and by the administrative policy in place on the server(s) or the relying party RP.

Let answer={ans_(OTP),ans_(SA),ans_(DK)} be the final answer produced by the split-server (or single-server) passcode verification protocol (in any of the configurations described above). A further aspect of the invention addresses possible reactions of the high-level application APP that performs the authentication request to the relying party RP. Conveniently, by denoting an accept state with 1, a reject state with 0, and an unset state with ⊥, the final answer can be seen as a 3-bit value a₂a₁a₀.

Normal Outcome—If answer=111 or answer=0⊥⊥, then APP allows or respectively denies access to the provided service to the end user; here, denial of authentication is due to a mistyping or not having knowledge of the passcode.

Silent Alarm Alert—If answer=101 or answer=10 ⊥, then APP enters in silent-alarm alert mode; this means that a physical or software-based cloning of the token has been detected.

Drifting Key Inconsistency—If answer=110 or answer=1⊥0, then APP enters in drifting-key inconsistency mode; this means that it has been detected a general cloning of the token.

Severe Danger Alert—If answer=100, then APP enters a severe-danger alert mode; this means that there have been detected two independent indications of cloning of the token.

Depending on a predefined policy, in silent-alarm alert mode or drifting-key inconsistency mode, APP may respond as follows by employing one or more of the following actions:

Restricted Access—The user is allowed access but in a restricted way.

Step-Up Authentication Request—The user is not allowed to access the service but instead the user is requested to make use of an additional secondary step-up authentication mechanism.

Access Denial Only—The user is simply denied access.

Honeypot Access—The user is virtually provided access but in a non-functional manner (e.g., seeing fake information, or fake out-of-service message, or experiencing a different API) so that at the same time the system is not at risk by the logged-in possible attacker, but the possible attacker is not notified that the system knows about the underlying attack, therefore, identification and punishment measures can be applied.

Depending on policy, in severe-danger alert mode, APP may respond by a stricter reaction. For instance it may deny access of the user to the service, permanently inactivate the user's account and notify the system administrator about the need to investigate on this token cloning strong evidence.

Additional response strategies are described below for the authentication server(s) or the relying party RP or the high-level calling application. Cases for responses during a silent alarm alert mode or a drifting keys inconsistency mode are distinguished. As apparent to those skilled in art, any combination of the following responses can be adopted in practice.

Individual Responses in Silent Alarm Alert Mode

If a rejecting silent alarm state is detected at the server, i.e., an alert, this indicates a possible compromise of the token. Alternative methods of tamper response, such as zeroing the token's memory, alert the attacker that tampering has been detected. Silent alarms allow the option of detecting the tampering without alerting the attacker. This allows the administrator the option of monitoring and trying to identify the attacker rather than simply locking the attacker out.

A possible range of policy options for Silent Alarms (SA) is provided in the following table.

Access Policy Logging Other Actions Deny All Access Log SA State Disable Token Grant Limited Access Log SA State Extended Monitoring, Emergency Alert Grant Full Access Log SA State Extended Monitoring, Emergency Alert

The access policies in the table are described as follows:

-   -   Deny All Access—This is the most conservative option;     -   Grant Limited Access—This allows the possible attacker access to         non-sensitive resources but locks out access to critical data;     -   Grant Full Access—Allows the full access to the user's         resources;

The possible actions are:

-   -   Disable Token—Disable the token for future use, with         administrator action required to re-enable the token;     -   Extended Monitoring—Activate detailed monitoring of the user's         actions;     -   Emergency Alert—Send immediate notification of the event to the         administrator, for example, by page, text-message, or other         real-time communication.

The “Deny All Access” policy may seem to be the obvious choice, as it prevents any access to protected resources. It does, however, alert the attacker that tampering has been detected which negates one of the primary benefits of silent alarms. Choosing one of the less restrictive options, which grant either limited or full access, increases the immediate risk but raises the probability of identifying and catching the attacker and thus preventing future attacks. This is a tradeoff that can be managed by the administrator, based on the resources being protected and the monitoring capabilities of the infrastructure.

Generally, in one or more embodiments, a silent alarm signal provides notice to a server (or enterprise) that a token believes itself to be compromised. The server may then monitor the account of the user associated with the potentially compromised token more closely. In addition, in some embodiments, a drifting key signal allows for the detection of a cloned token (which may have happened, for example, because the token itself was compromised, or because the backend server was compromised).

One or more aspects of the present disclosure recognize that combining silent alarm signals and drifting key signals may also provide more information, for example, to avoid or mitigate a costly recovery. For example, if a token emits a silent alarm, and then later the same token (and only that same token) is flagged for a drifting key violation, then it may be possible to only re-issue that same token under the assumption that the seed of the token was compromised on the end device. Without that information, the detection of a drifting key violation would not likely give the server information about whether there was a backend breach (and all devices seeds have been stolen), or a token breach, in which case only one device has been affected.

Thus, in the case that only a rejecting silent alarm state is detected for a given token (while the drifting key is accepted), there is a strong case for granting access and continuing to monitor the account. If the silent alarm triggers for a given token and then later a drifting key alert also occurs for the given token, with high probability the given token has been compromised and cloned. In the absence of other silent alarm or drifting key alerts in other devices deployed by the enterprise, this is likely to be an isolated incident and only the token of this one user needs to be replaced or otherwise disabled.

Conversely, if a drifting key alarm is raised on multiple devices in an enterprise, but none of those devices had a silent alarm detected, it is likely that the breach occurred on the server side and many, if not all, devices may be compromised. In that case, additional scrutiny should be paid to all users or all users should have their devices replaced proactively (or otherwise disabled) even without a silent alarm or drifting key alert being detected. In some embodiments, replacement (or disabling) of the tokens of all users (or a designated subset of users) may be conditioned, for example, on a minimum number or percentage of tokens having a drifting key alarm detected, and/or a specified number of such tokens having a drifting key alarm detected within a given time window.

When a drifting key alarm is raised on multiple devices in an enterprise, without silent alarms, it may also indicate that security on the server was inadequate. If multiple verification servers are not used, for example, such an event might highlight the need to move to a split server verification model using, for example, red and green servers. Alternatively, if the red and green server were on the same physical system, such an event could demonstrate the need for true physical separation of the servers, or adding additional servers to the verification set. Alternatively, the frequency of pro-activation between the servers can be increased to shorten the attacker's window. These would all be appropriate responses to such an event in various embodiments, depending on deployment specifics.

Individual Responses in Drifting Keys Alert Mode

For drifting keys, the policy options are slightly different, since it can be assumed that the attacker knows that the drift occurs, but cannot determine the random offset.

A possible range of policy options for Drifting Keys is provided in the following table.

Access Policy Logging Other Actions Deny Access Log DK State Disable Token Deny Access Log DK State Disable Token after Multiple Attempts Grant Limited Log DK State Extended Monitoring, Emergency Alert Access

The access policies in the table are described as follows:

-   -   Deny Access—This is the most conservative option;     -   Grant Limited Access—This allows the possible attacker access to         non-sensitive resources but locks out access to critical data.

The possible actions are:

-   -   Disable Token—Disable the token for future use, with         administrator action required to re-enable the token;     -   Disable Token after Multiple Attempts—Disable the token for         future use, after a threshold number of failed attempts, with         administrator action required to re-enable the token;     -   Extended Monitoring—Activate detailed monitoring of the user's         actions;     -   Emergency Alert—Send immediate notification of the event to the         administrator, for example, by page, text-message, or other         real-time communication.

As with silent alarms, there is a tradeoff between immediate security and the desire to detect and possibly catch the attacker. Allowing limited access, possibly to specially created “honeypot” resources, may be a viable alternate to immediate denial of all access.

Conclusion

The foregoing applications and associated embodiments should be considered as illustrative only, and numerous other embodiments can be configured using the techniques disclosed herein, in a wide variety of different cryptography applications.

For example, both the split server and the auxiliary-channel handling methods described herein can be extended in the case of more than two servers, assuming a token-side design that supports such extensions. For instance, if a passcode comprises of three protocode parts, say red, blue and green, then vertical splitting can be considered into three corresponding parts. Splitting into more parts than the number of protocodes is also possible if the appropriate pseudorandom information is appropriately disseminated among the servers. Similarly, auxiliary-channel handling can be supported in multi-server settings.

It should also be understood that split-server verification, as described herein, can be implemented at least in part in the form of one or more software programs stored in memory and executed by a processor of a processing device such as a computer. As mentioned previously, a memory or other storage device having such program code embodied therein is an example of what is more generally referred to herein as a “computer program product.”

The embodiments described herein can provide a number of significant advantages relative to conventional practice. For example, these embodiments can advantageously provide improved scalability and support of auxiliary channels. Also, a wide variety of different OTP verification protocols can be implemented using the disclosed techniques.

Authentication processes in other embodiments may make use of one or more operations commonly used in the context of conventional authentication processes. Examples of conventional authentication processes are disclosed in A. J. Menezes et al., Handbook of Applied Cryptography, CRC Press, 1997, which is incorporated by reference herein. These conventional processes, being well known to those skilled in the art, will not be described in further detail herein, although embodiments of the present invention may incorporate aspects of such processes.

The communication system may be implemented using one or more processing platforms. One or more of the processing modules or other components may therefore each run on a computer, storage device or other processing platform element. A given such element may be viewed as an example of what is more generally referred to herein as a “processing device.”

Referring now to FIG. 12, one possible processing platform that may be used to implement at least a portion of one or more embodiments of the invention comprises cloud infrastructure 1200. The cloud infrastructure 1200 in this exemplary processing platform comprises virtual machines (VMs) 1202-1, 1202-2, . . . 1202-M implemented using a hypervisor 1204. The hypervisor 1204 runs on physical infrastructure 1205. The cloud infrastructure 1200 further comprises sets of applications 1210-1, 1210-2, . . . 1210-M running on respective ones of the virtual machines 1202-1, 1202-2, . . . 1202-M under the control of the hypervisor 1204.

The cloud infrastructure 1200 may encompass the entire given system or only portions of that given system, such as one or more of client, servers, controller, authentication server or relying server in the system.

Although only a single hypervisor 1204 is shown in the embodiment of FIG. 12, the system may of course include multiple hypervisors each providing a set of virtual machines using at least one underlying physical machine.

An example of a commercially available hypervisor platform that may be used to implement hypervisor 1204 and possibly other portions of the system in one or more embodiments of the invention is the VMware® vSphere™ which may have an associated virtual infrastructure management system such as the VMware® vCenter™. The underlying physical machines may comprise one or more distributed processing platforms that include storage products, such as VNX and Symmetrix VMAX, both commercially available from EMC Corporation of Hopkinton, Mass. A variety of other storage products may be utilized to implement at least a portion of the system.

Another example of a processing platform is processing platform 1300 shown in FIG. 13. The processing platform 1300 in this embodiment comprises at least a portion of the given system and includes a plurality of processing devices, denoted 1302-1, 1302-2, 1302-3, . . . 1302-D, which communicate with one another over a network 1304. The network 1304 may comprise any type of network, such as a WAN, a LAN, a satellite network, a telephone or cable network, a cellular network, a wireless network such as WiFi or WiMAX, or various portions or combinations of these and other types of networks.

The processing device 1302-1 in the processing platform 1300 comprises a processor 1310 coupled to a memory 1312. The processor 1310 may comprise a microprocessor, a microcontroller, an ASIC, an FPGA or other type of processing circuitry, as well as portions or combinations of such circuitry elements, and the memory 1312, which may be viewed as an example of a “computer program product” having executable computer program code embodied therein, may comprise RAM, ROM or other types of memory, in any combination.

Also included in the processing device 1302-1 is network interface circuitry 1314, which is used to interface the processing device with the network 1304 and other system components, and may comprise conventional transceivers.

The other processing devices 1302 of the processing platform 1300 are assumed to be configured in a manner similar to that shown for processing device 1302-1 in the figure.

Again, the particular processing platform 1300 shown in the figure is presented by way of example only, and the given system may include additional or alternative processing platforms, as well as numerous distinct processing platforms in any combination, with each such platform comprising one or more computers, storage devices or other processing devices.

Multiple elements of the system may be collectively implemented on a common processing platform of the type shown in FIG. 12 or 13, or each such element may be implemented on a separate processing platform.

As is known in the art, the methods and apparatus discussed herein may be distributed as an article of manufacture that itself comprises a computer readable medium having computer readable code means embodied thereon. The computer readable program code means is operable, in conjunction with a computer system, to carry out all or some of the steps to perform the methods or create the apparatuses discussed herein. The computer readable medium may be a tangible recordable medium (e.g., floppy disks, hard drives, compact disks, memory cards, semiconductor devices, chips, application specific integrated circuits (ASICs)) or may be a transmission medium (e.g., a network comprising fiber-optics, the world-wide web, cables, or a wireless channel using time-division multiple access, code-division multiple access, or other radio-frequency channel). Any medium known or developed that can store information suitable for use with a computer system may be used. The computer-readable code means is any mechanism for allowing a computer to read instructions and data, such as magnetic variations on a magnetic media or height variations on the surface of a compact disk.

It should again be emphasized that the above-described embodiments of the invention are presented for purposes of illustration only. Many variations and other alternative embodiments may be used. For example, the techniques are applicable to a wide variety of other types of cryptographic devices and authentication systems that can benefit from distributed cryptography using distinct value sets as disclosed herein. Also, the particular configuration of communication system and processing device elements shown herein, and the associated authentication techniques, can be varied in other embodiments. Moreover, the various simplifying assumptions made above in the course of describing the illustrative embodiments should also be viewed as exemplary rather than as requirements or limitations of the invention. Numerous other alternative embodiments within the scope of the appended claims will be readily apparent to those skilled in the art. 

What is claimed is:
 1. A method, comprising: receiving an authentication passcode generated by a token associated with a user, wherein the received authentication passcode is derived from a secret seed and based on at least one protocode and embedded auxiliary information; processing the received authentication passcode to extract said embedded auxiliary information from the received authentication passcode, wherein said embedded auxiliary information comprises (i) a silent alarm signal indicating a potential compromise of said token, and (ii) a drifting key signal indicating a current drifting key state of said token that evolves over time, wherein said drifting key signal is processed to detect a cloning of said token using a copy of said secret seed; and implementing a predefined access policy based on respective values of said silent alarm signal and said drifting key signal.
 2. The method of claim 1, wherein said predefined access policy monitors one or more actions of said user when said silent alarm signal indicates said potential compromise of said token and said drifting key signal does not indicate said cloning of said token.
 3. The method of claim 1, wherein said predefined access policy one or more of replaces and disables said token when said silent alarm signal indicates said potential compromise of said token and said drifting key signal indicates said cloning of said token.
 4. The method of claim 1, wherein said predefined access policy one or more of replaces and disables a plurality of tokens for users of an enterprise when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of said plurality of said tokens.
 5. The method of claim 4, wherein said plurality of said tokens are replaced or disabled only when a number of said tokens having said drifting key signal indicate said cloning of said respective token satisfies one or more of a minimum number criteria and a minimum time criteria.
 6. The method of claim 1, wherein said predefined access policy increases a server security when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of a plurality of said tokens for users of an enterprise.
 7. The method of claim 1, wherein said predefined access policy comprises one or more of the following actions: allowing said user full access to said protected resource; allowing said user restricted access to said protected resource; denying said user access to said protected resource; denying said user access to said protected resource and applying an additional secondary step-up authentication mechanism; and allowing said user restricted access to said protected resource in a non-functional manner such that said user is not notified that a potential attack has been detected.
 8. A system, comprising: a memory; and at least one processing device, coupled to the memory, operative to implement the following steps: receiving an authentication passcode generated by a token associated with a user, wherein the received authentication passcode is derived from a secret seed and based on at least one protocode and embedded auxiliary information; processing the received authentication passcode to extract said embedded auxiliary information from the received authentication passcode, wherein said embedded auxiliary information comprises (i) a silent alarm signal indicating a potential compromise of said token, and (ii) a drifting key signal indicating a current drifting key state of said token that evolves over time, wherein said drifting key signal is processed to detect a cloning of said token using a copy of said secret seed; and implementing a predefined access policy based on respective values of said silent alarm signal and said drifting key signal.
 9. The system of claim 8, wherein said predefined access policy monitors one or more actions of said user when said silent alarm signal indicates said potential compromise of said token and said drifting key signal does not indicate said cloning of said token.
 10. The system of claim 8, wherein said predefined access policy one or more of replaces and disables said token when said silent alarm signal indicates said potential compromise of said token and said drifting key signal indicates said cloning of said token.
 11. The system of claim 8, wherein said predefined access policy one or more of replaces and disables a plurality of tokens for users of an enterprise when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of said plurality of said tokens.
 12. The system of claim 11, wherein said plurality of said tokens are replaced or disabled only when a number of said tokens having said drifting key signal indicate said cloning of said respective token satisfies one or more of a minimum number criteria and a minimum time criteria.
 13. The system of claim 8, wherein said predefined access policy increases a server security when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of a plurality of said tokens for users of an enterprise.
 14. The system of claim 8, wherein said predefined access policy comprises one or more of the following actions: allowing said user full access to said protected resource; allowing said user restricted access to said protected resource; denying said user access to said protected resource; denying said user access to said protected resource and applying an additional secondary step-up authentication mechanism; and allowing said user restricted access to said protected resource in a non-functional manner such that said user is not notified that a potential attack has been detected.
 15. A computer program product, comprising a tangible machine-readable storage medium having encoded therein executable code of one or more software programs, wherein the one or more software programs when executed by at least one processing device perform the following steps: receiving an authentication passcode generated by a token associated with a user, wherein the received authentication passcode is derived from a secret seed and based on at least one protocode and embedded auxiliary information; processing the received authentication passcode to extract said embedded auxiliary information from the received authentication passcode, wherein said embedded auxiliary information comprises (i) a silent alarm signal indicating a potential compromise of said token, and (ii) a drifting key signal indicating a current drifting key state of said token that evolves over time, wherein said drifting key signal is processed to detect a cloning of said token using a copy of said secret seed; and implementing a predefined access policy based on respective values of said silent alarm signal and said drifting key signal.
 16. The computer program product of claim 15, wherein said predefined access policy monitors one or more actions of said user when said silent alarm signal indicates said potential compromise of said token and said drifting key signal does not indicate said cloning of said token.
 17. The computer program product of claim 15, wherein said predefined access policy one or more of replaces and disables said token when said silent alarm signal indicates said potential compromise of said token and said drifting key signal indicates said cloning of said token.
 18. The computer program product of claim 15, wherein said predefined access policy one or more of replaces and disables a plurality of tokens for users of an enterprise when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of said plurality of said tokens.
 19. The computer program product of claim 18, wherein said plurality of said tokens are replaced or disabled only when a number of said tokens having said drifting key signal indicate said cloning of said respective token satisfies one or more of a minimum number criteria and a minimum time criteria.
 20. The computer program product of claim 15, wherein said predefined access policy increases a server security when said silent alarm signal does not indicate said potential compromise of said token and said drifting key signal indicates said cloning of said token for at least some of a plurality of said tokens for users of an enterprise. 